Companies that collect sensitive personal information have a legal duty to keep that information secure and to dispose of it properly. Not upholding that duty has serious consequences as evidenced by a $1,000,000 fine levied on one company by the HHS and FTC.
Unfortunately failing to dispose of information sensitive material in the correct way is not an uncommon occurrence. Dataloss db, an organization that tracks and lists incidents of improper data disposal shows that this type of bad behavior is becoming a serious threat to privacy and security.
Businesses need to plan for the entire life cycle of documents and files that may contain information sensitive material from origin to eventual destruction. If you need help developing a plan or have questions about what types of documents require special consideration, speaking with a trained document management specialist is a good place to start. The cost of implementing a plan for proper disposal is much less than the fine for doing it wrong.